Export limit exceeded: 23585 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (23585 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-33293 2 Debian, Libpano13 Project 2 Debian Linux, Libpano13 2024-11-21 9.1 Critical
Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function panoParserFindOLine() in parser.c.
CVE-2021-33256 1 Zohocorp 1 Manageengine Adselfservice Plus 2024-11-21 8.8 High
A CSV injection vulnerability on the login panel of ManageEngine ADSelfService Plus Version: 6.1 Build No: 6101 can be exploited by an unauthenticated user. The j_username parameter seems to be vulnerable and a reverse shell could be obtained if a privileged user exports "User Attempts Audit Report" as CSV file. Note: The vendor disputes this vulnerability, claiming "This is not a valid vulnerability in our ADSSP product. We don't see this as a security issue at our side.
CVE-2021-33200 4 Fedoraproject, Linux, Netapp and 1 more 20 Fedora, Linux Kernel, Cloud Backup and 17 more 2024-11-21 7.8 High
kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular, there is a corner case where the off reg causes a masking direction change, which then results in an incorrect final aux->alu_limit.
CVE-2021-33185 1 Serenityos 1 Serenityos 2024-11-21 7.5 High
SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.
CVE-2021-33035 1 Apache 1 Openoffice 2024-11-21 7.8 High
Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A carefully crafted document could overflow the allocated space, leading to the execution of arbitrary code by altering the contents of the program stack. This issue affects Apache OpenOffice up to and including version 4.1.10
CVE-2021-33023 1 Advantech 1 Webaccess 2024-11-21 9.8 Critical
Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code.
CVE-2021-33019 1 Deltaww 1 Dopsoft 2024-11-21 7.8 High
A stack-based buffer overflow vulnerability in Delta Electronics DOPSoft Version 4.00.11 and prior may be exploited by processing a specially crafted project file, which may allow an attacker to execute arbitrary code.
CVE-2021-33007 1 Deltaww 1 Tpeditor 2024-11-21 7.8 High
A heap-based buffer overflow in Delta Electronics TPEditor: v1.98.06 and prior may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code.
CVE-2021-33000 1 Advantech 1 Webaccess\/hmi Designer 2024-11-21 7.8 High
Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an attacker to perform arbitrary code execution. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior).
CVE-2021-32990 1 Fatek 1 Winproladder 2024-11-21 9.8 Critical
FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.
CVE-2021-32975 1 Hornerautomation 1 Cscape 2024-11-21 7.8 High
Cscape (All Versions prior to 9.90 SP5) lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute code in the context of the current process.
CVE-2021-32959 1 Aveva 1 Suitelink 2024-11-21 8.1 High
Heap-based buffer overflow in SuiteLink server while processing commands 0x05/0x06
CVE-2021-32950 2 Opendesign, Siemens 4 Drawings Sdk, Comos, Jt2go and 1 more 2024-11-21 7.1 High
An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of-service condition or read sensitive information from memory locations.
CVE-2021-32947 1 Fatek 1 Fvdesigner 2024-11-21 7.8 High
FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.
CVE-2021-32943 1 Advantech 1 Webaccess\/scada 2024-11-21 9.8 Critical
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).
CVE-2021-32940 2 Opendesign, Siemens 4 Drawings Sdk, Comos, Jt2go and 1 more 2024-11-21 7.1 High
An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK (All versions prior to 2022.5) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or read sensitive information from memory locations.
CVE-2021-32938 2 Opendesign, Siemens 4 Drawings Sdk, Comos, Jt2go and 1 more 2024-11-21 7.1 High
Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of service condition or read sensitive information from memory.
CVE-2021-32781 2 Envoyproxy, Redhat 2 Envoy, Service Mesh 2024-11-21 8.6 High
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions after Envoy sends a locally generated response it must stop further processing of request or response data. However when local response is generated due the internal buffer overflow while request or response is processed by the filter chain the operation may not be stopped completely and result in accessing a freed memory block. A specifically constructed request delivered by an untrusted downstream or upstream peer in the presence of extensions that modify and increase the size of request or response bodies resulting in a Denial of Service when using extensions that modify and increase the size of request or response bodies, such as decompressor filter. Envoy versions 1.19.1, 1.18.4, 1.17.4, 1.16.5 contain fixes to address incomplete termination of request processing after locally generated response. As a workaround disable Envoy's decompressor, json-transcoder or grpc-web extensions or proprietary extensions that modify and increase the size of request or response bodies, if feasible.
CVE-2021-32762 5 Debian, Fedoraproject, Netapp and 2 more 6 Debian Linux, Fedora, Management Services For Element Software and 3 more 2024-11-21 7.5 High
Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis library which does not perform an overflow check before calling the calloc() heap allocation function. This issue only impacts systems with heap allocators that do not perform their own overflow checks. Most modern systems do and are therefore not likely to be affected. Furthermore, by default redis-sentinel uses the jemalloc allocator which is also not vulnerable. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14.
CVE-2021-32761 3 Debian, Fedoraproject, Redislabs 3 Debian Linux, Fedora, Redis 2024-11-21 7.5 High
Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis `*BIT*` command are vulnerable to integer overflow that can potentially be exploited to corrupt the heap, leak arbitrary heap contents or trigger remote code execution. The vulnerability involves changing the default `proto-max-bulk-len` configuration parameter to a very large value and constructing specially crafted commands bit commands. This problem only affects Redis on 32-bit platforms, or compiled as a 32-bit binary. Redis versions 5.0.`3m 6.0.15, and 6.2.5 contain patches for this issue. An additional workaround to mitigate the problem without patching the `redis-server` executable is to prevent users from modifying the `proto-max-bulk-len` configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.